alltheprettyhorses wrote:And I won't be offering ANY information I'm sorry, this wasn't a post that was meant to turn into a social engineering practice session for people to see if they could find the website/check it for themselves. Needless to say I felt discomforted enough reading them.
Back up your claims with some modicum of technical knowledge or don't make them.
Maybe you did some 31337 hax to gain secret documents. Personally, I doubt it. If you re-read what I wrote, you might find more than a slight amount of disbelief in your claims scattered throughout.
The fact that you follow up these questions over the authenticity of your initial claims with "NO! Not going to give no info, might somehow be identifiable!" goes to show just how clueless you are.
You're saying you don't want the site identified, right after you came here contemplating exposing it.
In any sense, I wasn't even asking for any details about the company. Re-read my prior post and you will see that it is not asking for any detail that would not be common among several hundred businesses of the same sort.
More to the point, I was hoping to get a sense of your technical skills: WHAT you exploited, HOW you exploited, and more into WHY you exploited it.
As to the last of the three, you've given me no sense of whether or not you have much of a clue as to what you are doing. No details whatsoever about what sort of attack vectors were used at all: physical access? Malware? Web vulnerability? NONE OF THIS INFO WAS PROVIDED!
And so, I guess as a member of some months here, I should just buy into whatever claims you make of yourself without substantiation? Absolutely not. As far as I am concerned, you did and know nothing, because when I ask simple questions about WHAT and HOW you did it, you dodge the questions with the seemingly clever retort of not wanting to expose the client (hypocritical in and of itself, since the OP was about selling them out).